Security - eWeek

Page 3 - Vista Security Check: This Time Microsoft Means Business

	LATEST STORIES
	- Amazon Opens Public Beta for SimpleDB Servic... - HP, IBM Watch Server Revenue Drop as Financi... - How to Strengthen Your Enterprise Wireless N... - Adobe Leverages Ecosystem for RIA Dominance - Intel Arms Lenovo ThinkPad Laptops with New ...

	eWEEK EDITORIAL CALENDAR
	For a list of what eWEEK is covering this year, go to our editorial calendar.


	NAC 2.0: A New Model For A More Secure Future from Sophos PBX Buyer's Guide from VoIP-News Giving Service Companies a Fast Start from SAP See All Resources >


	Server Virtualization The Windows Server Virtualization Platform Hardware virtualization introduces significant new hardware requirements and new management, support, and licensing challenges. Join presenters from Unisys on December 10 as they outline the hardware virtualization software that Microsoft offers, looks at the tools Microsoft provides for managing virtualized servers, and examines licensing and support implications of deploying hardware virtualization. Register Now!

Security

Vista Security Check: This Time Microsoft Means Business

By Larry Seltzer
2006-05-29

Article Views: 1944
Article Rating:

/ 0

Table of Contents:

Rate This Article:

Add This Article To:

Digg this

Del.icio.us

Slashdot

Y! My Web

E-mail

Furl

Google

Simpy

Spurl!

PDF Version

Vista Security Check: This Time Microsoft Means Business - ' Internet Explorer 7'
( Page 3 of 3 )

+">

Internet Explorer 7+. So much has been written about IE7 that Ill not go into any detail. As I blogged recently, Microsoft decided to rename IE7 on Vista as IE7+ because it has several important features not available to IE7 on other platforms.

Protected Mode: In Vista, IE7 runs with specially crippled permissions. Anything remotely dangerous is blocked. If necessary, with explicit permission, users can elevate permissions. This is analogous to some of the user account control advances described above, and I believe subject to some of the same social engineering attacks. But its still an important improvement.

ActiveX Opt-In. Vista users are prompted before they can access a previously installed ActiveX Control that has not yet been used on the Internet. Web sites that attempt automated attacks can no longer secretly attempt to exploit ActiveX Controls that were never intended to be used on the Internet.

Many of the other improvements in IE7, such as the Phishing Filter, are available on earlier Windows versions as well.

Click here to read about new Windows Media Player features expected to debut with Windows Vista.

Theres more in the document and more thats not in it. Last week on multiple security lists the famous David Litchfield of NGS Software revealed that Windows Vista Beta 2 implements Address Space Layout Randomization. With ASLR Windows randomizes the locations of different Windows program sections: the heaps, stacks and base load addresses. For lots of gory details on ASLR, see Litchfields paper "Buffer Underruns, DEP, ASLR and Improving the Exploitation Prevention Mechanisms (XPMs) on the Windows Platform."

The short answer to your "so what?" is that ASLR—properly implemented—makes exploitation of overflows in programs considerably harder to accomplish. Other researchers piped up to say that similar techniques have been used in hardened versions of Linux and there are ways to defeat them, but theres some controversy over how true this really is and how relevant it is to Microsofts implementation. Clearly more research needs to be done, and betas the time to do it.

Its easy to get cynical about Windows security, but I look at the last couple years, since XP SP2 especially, and I see a vastly improved situation. Its been more than two years since Sasser, the last of the great network worms. There have been threats and fears of serious outbreaks in that time, but the worst you can say is that the tools exist for conscientious users and administrators to protect their systems. The flaws that weve seen lately typically require some user intervention and are blockable through other means.

This is due in large part to all the work Microsoft did on Windows security. Why doubt that the company is capable of greater advances in Vista?

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

MOST READ SECURITY STORIES
PAST 7 DAYS

1 - Microsoft Vulnerability Faces New Round of Attacks (10049)
2 - Google Says Reports of Gmail Flaw Unfounded (5851)
3 - Spam Levels Creep Back Up 2 Weeks After McColo Shutdown (5751)
4 - Thinking Consumer Security for the Holidays (5205)
5 - Smartphone Security Good Filler for Christmas Stockings (3084)
6 - How to Secure Your E-Commerce Web Site for Online Holiday Shopping (2588)
7 - Santa Thinks IT Security This Christmas (2268)
8 - Intel Arms Lenovo ThinkPad Laptops with New Anti-theft Technology (1545)
9 - It's Time to Sign the Root Zone Already (1393)
10 - How to Strengthen Your Enterprise Wireless Network Security (1037)

Videos Sponsored by:

EWEEK E-MAIL NEWSLETTERS bring you reliable, timely information to stay on top of the business of technology -- and technology in business -- and get more out of the Web. Make your choices and start your subscriptions today!

EWEEK RSS NEWS FEEDS contain a daily feed of our latest stories from over 30 different categories including Enterprise Apps, Business Intelligence, Security, VOIP and more!

Subscribe to our RSS feeds today for free...

	Issue Index \| Contact Us \| About \| Advertise \| Magazine Customer Service \| Site Map
	Security: Enterprise Security Network Security Infrastructure Security How To: Data IT Security News Cheap Hack Blog Security Watch Blog Storage: Data Storage Cloud Storage Storage Virtualization Network Access Storage Storage Reviews Data Storage News How To: Storage Storage Station Blog Computing: Apple OSX Linux Systems Windows Vista Managed Print Services Cloud Computing PC Reviews Microsoft Watch Blog Apple Watch Blog Google Watch Blog Communications: VoIP Solutions Wireless Technology Messaging Software Web Services Mobile Applications Wireless News Mobile Reviews Apps & Development: Application Development SAAS Search Engines Database Software Web 2.0 IT Project Management Emerging Tech Blog CIO Insight Blogs CIOs
	Vertical Markets: Federal Government IT Health Care IT Finance IT Mid-Market Channel Partners Careers Blog Value Added Resellers More eWeek Links: Green Computing Center Tech Knowledge Center Tech Newsletters Tech RSS Feeds White Papers Tech Podcasts Tech Videos eWeek Magazine Subscriptions Enterprise Websites: ZDE Home Baseline Channel Insider CIO Insight eSeminars eWeek Mid-Market Publish Online Web Buyers Guide Developer Websites: Dev Shed DeveloperShed ASP Free MS DevSource SEO Chat Codewalkers Tutorialized Scripts.com Dev Mechanic Dev Articles Web Hosters Dev Hardware Technology Websites: Device Forge Desktop Linux Linux Devices Windows for Devices iGrep Search Engine PDF Zone Linux Watch
	Use of this site is governed by our Terms of Use and Privacy Policy Copyright ©1996-2008 Ziff Davis Enterprise Holdings Inc. All Rights Reserved. eWEEK and Spencer F. Katt are trademarks of Ziff Davis Enterprise Holdings, Inc. Reproduction in whole or in part in any form or medium without express written permission of Ziff Davis Enterprise Inc. is prohibited. eWeek is your best source for the latest Technology News. ZDE Cluster 6 hosted by Hostway.